nspawn: actually allow access to /dev/net/tun in the container

It's not sufficient to just copy the device node over, we need to update the policy for it too.
2025-03-31 14:50:15 +03:00 · 2014-10-10 11:11:25 +02:00 · 2014-10-10 11:11:25 +02:00 · 864e17068c
commit 864e17068c
parent 5516ae4419
1 changed files with 1 additions and 0 deletions
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@ -1558,6 +1558,7 @@ static int register_machine(pid_t pid, int local_ifindex) {
                                          "/dev/random", "rwm",
                                          "/dev/urandom", "rwm",
                                          "/dev/tty", "rwm",
+                                          "/dev/net/tun", "rwm",
                                          /* Allow the container
                                           * access to ptys. However,
                                           * do not permit the